In the past 10 years, 24 privacy laws have been enacted in countries in Africa and the Near East, with 14 in the past five years. The region has very distinct characteristics that set it apart from other regions of the world, especially with respect to the cross-border transfer and registration requirements. The newest laws are in the Republic of the Congo, Egypt, Kenya, Nigeria, Togo, and Uganda and other areas have had laws amended. Although most of the laws in the region apply to processing in-country only, three have extraterritorial provisions: Benin, Qatar, and Uganda. Most of the jurisdictions impose restrictions on cross-border transfer for personal data, but a vast array of rules set each of them apart, including those regarding adequacy, adequate protection measures, legal bases, breach notification, legal bases for processing, individual rights, the appointment of a Data Protection Officer (DPO), registration requirements, security, Data Protection Impact Assessments (DPIAs) and enforcement.
